πŸ“Ά WiFi Password Generator

Last updated: June 20, 2026

πŸ“Ά WiFi Password Generator

Create strong, random WPA2/WPA3 keys β€” everything runs in your browser, nothing is sent anywhere.

Please select at least one character type.

Your WiFi Password
Strength

πŸ”’ 100% offline β€” no server calls, no logging. Uses crypto.getRandomValues() for cryptographic randomness. WPA2/WPA3 passwords must be 8–63 ASCII characters (this tool always meets that range).

Why Your Current WiFi Password Is Probably Terrible (And How to Fix It)

Let's be honest: most people's WiFi password is something like "familyname2019" or "dogname123" or whatever the router came with out of the box. And most people haven't changed it since the day they plugged in their router. This is a problem β€” a bigger one than most people realize.

Your WiFi password is the lock on the front door of your entire home network. Every device in your house β€” phones, laptops, smart TVs, baby monitors, security cameras, even your thermostat β€” sits behind that one password. If someone cracks it, they're inside your network. They can see unencrypted traffic, try to access shared files, slow down your connection by leeching bandwidth, or use your IP address for things you really don't want your IP address associated with.

What Actually Makes a WiFi Password "Strong"?

Think of it this way: if someone is trying to guess your WiFi password, they have a few approaches. The dumbest approach is trying random combinations one at a time β€” called brute force. The smarter approach is trying a dictionary of common words, names, dates, and phrases that people actually use β€” called a dictionary attack.

A password like "sunshine" fails immediately because it's literally in every hacker's wordlist. A password like "Sunshine2019!" is better, but predictable patterns (word + year + symbol) are also in those lists. What actually stops both kinds of attacks is length and genuine randomness.

Here's a simple way to understand entropy β€” the technical measure of password strength. If your password is 8 characters and you only use lowercase letters (26 options per character), there are roughly 200 billion possible combinations. Sounds like a lot, but modern password-cracking hardware can test billions of guesses per second. That 8-character password could fall in minutes.

Now take a 20-character password using uppercase, lowercase, digits, and symbols β€” about 90 possible characters per position. The number of combinations becomes astronomical: something like 10 to the power of 39. Even every computer on Earth working together for billions of years couldn't crack that. That's the goal.

WPA2 vs WPA3 β€” Which One Should You Use?

WPA stands for Wi-Fi Protected Access. It's the encryption standard your router uses to protect the connection between your devices and the router itself. Think of it as the type of lock on that front door, while the password is the actual key.

WPA2 has been the standard since 2004. It works well and is supported by every device manufactured in the last 15+ years. Most home routers still default to WPA2 or WPA2/WPA3 mixed mode. The main weakness of WPA2 is that if someone captures your WiFi handshake (the brief exchange when a device connects), they can run offline dictionary attacks against it at high speed.

WPA3 is the newer standard introduced in 2018. Its biggest improvement is something called Simultaneous Authentication of Equals (SAE), which replaces the old handshake method. With WPA3, an attacker who captures the handshake can't run fast offline attacks against it β€” every guess requires a real-time interaction with your router. This makes dictionary attacks dramatically slower, even if your password isn't perfect. Think of WPA3 as a lock that makes the wrong key break off rather than just not turning.

If your router supports WPA3, use it. If you're not sure, check your router's admin panel (usually at 192.168.1.1 or 192.168.0.1). Routers from 2020 onwards typically support WPA3. Older devices on your network that only support WPA2 can use "WPA2/WPA3 mixed mode" β€” your router will use the best protocol each device supports.

WPA2/WPA3 Password Rules You Need to Know

The WiFi password standard (technically called the PSK β€” Pre-Shared Key) has specific rules. It must be between 8 and 63 characters long. It must contain only printable ASCII characters β€” standard letters, numbers, and symbols that appear on a typical keyboard. Characters like accented letters (Γ©, ΓΌ, Γ±) or emoji are not safe to use because different devices may encode them differently, causing connection failures.

The sweet spot is anywhere from 16 to 30 characters. That length with a mix of character types gives you enough entropy that brute-force attacks become computationally impossible with any foreseeable technology. Going up to 63 characters (the maximum) is perfectly fine too β€” you'll only type it once per device.

Passphrases: The Human-Friendly Strong Password

There's a clever middle ground between "random gibberish" and "memorable but weak": the passphrase. Instead of one word, you chain four or more random words together, like river-castle-ember-solar-847!

This approach works because the strength comes from the number of possible word combinations, not from the complexity of individual characters. With a vocabulary of 64 words (like this tool uses), four random words give you 64 to the power of 4 possible combinations β€” about 16 million. Add random numbers and a symbol, and you're well into the tens of billions. That's more than enough for a WiFi key, and it's far easier to read off to a guest than a string of random symbols.

Where to Store It and How to Enter It on Devices

The biggest friction with a truly random 20-character password is that you only need to type it occasionally β€” when you get a new device, when a guest visits, or after resetting the router. Here are practical strategies:

Write it on your router: Stick a label on the bottom of your router with the WiFi name and password. This is fine for home use β€” anyone who can physically reach your router has more direct ways to compromise your network anyway.

Use a QR code: Most modern phones can scan a WiFi QR code to connect automatically. Many router admin panels can generate one, and free offline tools can create QR codes from your WiFi credentials so guests never have to type anything.

Save it in a password manager: Apps like Bitwarden (free, open source) or 1Password let you store the password once and retrieve it on any device. This is the most secure long-term approach.

What About Router Default Passwords?

Many routers come with a unique default WiFi password printed on a label β€” something like "TY4K2-R9PLQ-8WX3M". This is better than "password", but there are databases of how manufacturers generate these defaults, and some follow predictable patterns based on the router's MAC address. Always change the default to something you generate yourself.

Also change the router's admin panel password β€” that's a separate password from the WiFi password, and the default is almost always something like "admin" or "1234". Leaving it default means anyone on your WiFi can access your router's full settings.

One More Thing: Change It Occasionally

You don't need to change your WiFi password every month. But if you've shared it widely β€” with contractors, previous tenants, neighbors β€” it's worth regenerating a fresh one. When you change it, all previously connected devices will need to reconnect, which is a minor hassle but a clean reset of who has access.

Generate a new password with this tool, update it in your router's admin panel under the Wireless or Security section, update your password manager, and stick a new label on the router. Ten minutes of work for years of better network security.

FAQ

How long should a WPA2/WPA3 WiFi password be?
At minimum 12 characters, but 16-20 characters is the sweet spot for home and office networks. The WPA2/WPA3 standard allows up to 63 characters. Longer passwords are stronger β€” at 20 random characters you have well over 100 bits of entropy, making brute-force attacks computationally impossible.
Can I use spaces or special characters in my WiFi password?
You can use spaces and most printable ASCII symbols (like !@#$%^&*). However, avoid characters outside standard ASCII β€” accented letters, emoji, or non-English characters can cause connection failures on some devices because they may be encoded differently. Stick to standard keyboard characters for maximum compatibility.
Is a passphrase like 'river-castle-ember-solar' as secure as a random string?
It can be, depending on the word pool size and length. A 4-word passphrase from a large random vocabulary combined with numbers and symbols gives tens of billions of possible combinations β€” more than enough for a WiFi key. With WPA3, even weaker passphrases are significantly harder to attack offline. For WPA2 networks, stick to at least 4 random words plus extra characters.
Does this tool send my password anywhere?
No. This tool runs entirely in your browser using JavaScript. It uses the browser's built-in crypto.getRandomValues() function for cryptographic randomness and never makes any network requests. Nothing is logged, stored, or transmitted. You can even disconnect from the internet and it will still work.
What is the difference between WPA2 and WPA3 for password security?
WPA2 is vulnerable to offline dictionary attacks β€” if someone captures your WiFi handshake, they can test billions of password guesses per second on their own hardware. WPA3 uses a better handshake protocol (SAE) that forces each guess to interact with your router in real time, slowing attacks to a crawl. WPA3 makes even moderately strong passwords far more resistant to cracking.
Should I change my WiFi password regularly?
Only when necessary, not on a fixed schedule. Good reasons to change it: you've shared it with many people (contractors, guests), someone you no longer trust had access, or you suspect unauthorized devices on your network. A strong, unique password generated by this tool does not need monthly rotation the way a web account password might.